← DarkMatter LLC cases
Bugzilla #1472052
Certificate Misissuance
QuoVadis: Certificate containing Debian weak key
RESOLVED
FIXED
DarkMatter LLC
AI Summary
A certificate issued by QuoVadis in April 2016 was found to contain a Debian weak key and was not revoked until reported on May 13, 2018. The CA responded promptly by revoking the certificate and conducting a thorough review of their systems. They confirmed that no other certificates with this issue were found and have since implemented additional checks to prevent similar occurrences in the future. An incident report was requested to be published detailing the findings and corrective actions taken.
Chronology
- Issue reported to QuoVadis support
- Certificate revoked and systems reviewed
- Incident report requested
- Confirmation of no other weak keys found
Participants
Wayne Thayer
Stephen Davidson
External References
Similar Local Cases
QuoVadis: Multiple unreported misissuances in 2018
QuoVadis: Non-BR-Compliant OCSP Responder
QuoVadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA)
QuoVadis: IPaddress in DNSname SAN
QuoVadis: improper countryName format
IdenTrust: Improper encoding of wildcard certificate
Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys
DigiCert: "Some-State" in stateOrProvinceName